In many situations, where there is a need to communicate sensitive information, it may be desirable to use a publicly-available communication network. Examples include the exchange of personal, medical and insurance information between various pairings of parties involved in healthcare, such as patients and medical service providers, patients and insurance providers, insurance providers and medical service providers, and service providers at different locations. Providing a secure system that uses a widely-available communication network, such as the internet, would allow for a convenient and efficient exchange of information.
There are three primary aspects of secure communication addressed herein. One is encryption, which provides protection against inadvertent disclosure of information, such as eavesdropping or interception. Another aspect is authentication, which is ensuring that the other party is who it claims to be. Authentication is important in remote communication where the parties cannot see each other and one might be an imposter. A third aspect is data integrity, which is ensuring that the data arriving at the recipient's location is the data that was sent by the original sender. Data integrity prevents substitution or alteration of message contents. As used here, the term secure communication generally includes encryption, authentication and data integrity.
Unfortunately, various forms of communication in widespread use, such as e-mail, are generally not secure. Even many websites that bill themselves as “secure” only truly provide one-way security, as discussed below. Without additional measures, such as the exchange of digital certificates, the convenience of using a publicly-available communication network cannot be extended to sensitive information without introducing risks of improper disclosure or impersonation.
One of the challenges to implementing such a system is the technical complexity involved with establishing bi-directional security with the desired communication partners, such as the creation and exchange of digital certificates. Individuals may lack the skills or other resources, and organizations may lack the proper support staff. Some industries, therefore, remain heavily invested in a paper-based transaction system. Such manual systems, although slow and cumbersome, may be perceived as necessary in order to provide the required levels of security and reliability.
While secure communications are possible over a public network, the level of sophistication required to initialize and administer an appropriately-secure system remains beyond the reach of many network users. Specifically, the difficulties lie in setting up a system and keeping it properly updated with new users, dropped users, and changes to continuing users. Other challenges include a lack of universally-accepted standards for certain types of transaction needs, the cost of current solutions, and the unsuitability of current solutions to bi-directionally secure communications.
Public-key Infrastructure (PKI) has promised to solve many privacy and security problems. It has been touted as the primary mechanism to share an entity's public keys with others, thus allowing the creation of trusted relationships between the entities and the exchange of secure, non-repudiated information. These claims have become controversial because the promise has in many cases not been kept. Some uses, such as informal email certificate exchange and secure FTP (usually PGP), are common, but do not scale, especially on an enterprise scope. Some of the difficulties include:
a. Difficulty of generation and distribution of keys. Difficulty is magnified when trying to implement a system with “low tech” users or users with little experience.
b. The demand for security at this level has not emerged. In many situations, the solutions are over-engineered.
c. PKI is not cost-effective for many applications.
In the white paper “An Examination of Asserted PKI Issues and Proposed Alternatives”, John Linn, RSA Laboratories, Bedford, Mass., USA, Marc Branchaud, RSA Security Inc. March 2004, the disclosure of which is hereby incorporated by reference, various issues with PKI acceptance are discussed further.
Despite these issues, PKI is in relatively wide-spread use and providing secure communication in certain situations. PKI uses a well-known mechanism called digital certificates. Digital certificates use key pairs: a private key and a public key. An entity's public key may be distributed to anyone who wishes to send encrypted communication to that entity. The recipient of the public key can use the public key to encrypt information that is then sent, possibly via e-mail, to the entity. The entity retains the private key in a safe place, since only a holder of the private key is able to decrypt the communication encrypted with the corresponding public key. Such a system provides both one-way authentication and protection from eavesdropping, because an imposter or third party intercepting the communication cannot decrypt it.
Authentication is a verification that the recipient of the communication is the owner of the digital certificate. Anyone can send another entity's digital certificate. But only the holder of the private key for that certificate can decrypt a message sent using the public key. The recipient's ability to decrypt a communication uniquely identifies it as one possessing the private key. This then is the authentication of the recipient's identity. Digital certificates also can be used for data integrity, protecting against both accidental corruption and intentional tampering or substitution. Thus a digital certificate can address all three of the aspects of secure communication mentioned above.
Privacy and authentication can help provide security, but each entity that desires to send information securely must have a copy of each recipient's digital certificate. This is because PKI only provides one-way authentication. For bi-directional authentication, PKI is used to provide one-way authentication in both directions.
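The following sketch, added here as an illustration and not taken from the source document, shows the decrypt-to-prove-identity check described above and how running it once in each direction yields bi-directional authentication. It assumes unpadded textbook RSA with constructed toy keys and hypothetical names (`Party`, `authenticate`, `mutual`); a deployed system would use padded RSA or signatures inside a protocol such as TLS.

```python
import secrets

E = 65537  # common public exponent

class Party:
    """Holds a key pair; only (n, e) is ever given to others."""
    def __init__(self, name, p, q):
        self.name = name
        self.public = (p * q, E)                 # what a certificate carries
        self._d = pow(E, -1, (p - 1) * (q - 1))  # private exponent, stays local

    def respond(self, challenge):
        # Only the private-key holder can recover the nonce from the challenge.
        return pow(challenge, self._d, self.public[0])

def authenticate(claimed_public, responder):
    """One-way check: does `responder` hold the private key for `claimed_public`?"""
    n, e = claimed_public
    nonce = secrets.randbelow(n - 2) + 2         # fresh per attempt, blocks replay
    challenge = pow(nonce, e, n)                 # encrypt to the claimed identity
    return responder.respond(challenge) == nonce

def mutual(cert_a, end_a, cert_b, end_b):
    """Bi-directional authentication is the one-way check run in each direction."""
    return authenticate(cert_a, end_a) and authenticate(cert_b, end_b)

# Constructed toy keys built from known Mersenne primes; far too weak for real use.
M = lambda k: 2**k - 1
patient = Party("patient", M(61), M(89))
doctor = Party("doctor", M(107), M(127))
# The imposter can copy anyone's certificate but holds only its own private key.
imposter = Party("imposter", M(31), M(521))

def scenarios():
    return {
        "doctor_proves_identity": authenticate(doctor.public, doctor),
        "imposter_with_doctor_cert": authenticate(doctor.public, imposter),
        "both_genuine": mutual(patient.public, patient, doctor.public, doctor),
        "one_side_impersonated": mutual(patient.public, imposter, doctor.public, doctor),
    }

if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The `one_side_impersonated` case is the gap left by one-way schemes: the doctor's side verifies correctly, yet the session is only trustworthy once the patient's side is checked as well.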
One of the challenges in setting up a system for a group of users is the generation and distribution of the digital certificates. Often, one entity with the proper resources may generate the digital certificates for communication partners. Currently, the organizations that generate the key pairs for others have a dilemma: the sensitive information that needs to be sent to a partner (the key pair) will allow for a secure communication channel, but how can any sensitive information, such as the private portion of a key pair, be economically distributed before the secure communication channel is in place?
Some organizations distribute the certificates by mailing them on CD or sending a courier with a CD. Others may actually e-mail the certificates, which exposes them to possible electronic interception and copying, and increases the risk of a security breach. The challenges multiply when a certain entity, such as a medical insurer, wishes to communicate securely with its client base and network of medical providers, many of whom may not be technically adept. The size of the group can drive up the costs of physical delivery of the certificates, and insecure e-mail distribution may present unacceptable risks.
There are also challenges in maintaining a secured communication system for a group of users. Several different types of events can happen that require action. If a new entity joins the group, and needs to communicate with others, the new entity must not only obtain the certificates of the existing users, but also distribute its own certificate. Also, one of the users may be dropped from the system, based on either voluntary withdrawal or involuntary termination. In the latter case, some arbitrator would need to inform the remaining users that a particular entity can no longer be trusted. Further, existing users may wish to periodically change their certificates either as a precaution or in response to a security breach. In such a case, the user changing the certificate would need to inform all other users not to use the previous certificate.
Digital certificates generally have expiration dates. However, due to the expense and effort involved in re-issuing certificates, many organizations set the expiration date far into the future to delay the required update. This generally goes against what many security-conscious organizations regard as “best practices.”
One security solution that has emerged for some retail situations is third-party certification, such as is provided by VeriSign. One notable user of VeriSign's service is Amazon.com. However, for multiple reasons, this solution does not fully address the needs mentioned above for bi-directionally secure communication, such as what is needed for the exchange of healthcare information. First, the security offered is only one-way authentication. That is, Amazon.com's customers can trust that they are sending their orders and credit card information to Amazon.com or a designated transaction handler, but Amazon.com cannot use VeriSign to verify the identity of the customers.
One-way authentication for a retailer is not entirely problematic. Ordering books or bidding on merchandise using another person's name does not have the same significance as updating or accessing private medical or financial information using another person's name. Retailers using the one-way authentication may require a username, password or secret question for customer accounts, but these may not provide the level of security required for more sensitive information.
As consumers and organizations increase their use of the internet for information exchange, the desire for bi-directionally secure communications will increase. This is particularly the case as consumers do more management of their own healthcare information, selection of plans and access of their personal health records via a web browser. The security offered by a unique digital certificate that can authenticate their interaction can provide a level of security beyond what is offered by usernames, passwords and secret questions. One benefit of using bi-directionally secure communication over the internet is that the patient can be assured that the doctor is the one receiving the information, and the doctor can be assured that the information is actually coming from the patient. In order to breach the system, one would have to physically possess the private key material.
Therefore, there exists a need for a system that can provide authentication information, such as a private and public key pair, and distribute and maintain such information in an efficient, timely and user-friendly manner.